The maker of the popular open source file encryption software VeraCrypt said Microsoft locked his online account, which may prevent device owners from booting up their computers.
And MS probably won’t do it willy-nilly because their stack is peobably using it to some degree and many more of those Fortune-X00 are very likely something RHEL. So fucking that over will crash their stock like it did with CrowdStrike but much much worse.
I think it is just chain of trust. Many used Microslop as the trust authority (may be due to convenience? I have no idea). Debian has a nice page on Secure boot and how it works.
And this why Secure Boot can’t be trusted. It is Micro$lop that signs and issues the keys.
Secure Boot has nothing to do with Microsoft, it’s a UEFI feature.
You can enroll your own Platform Key and have complete control over the entire Secure Boot system.
https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot
I use a signed Unified Kernel Image to use Secure Boot and my machine has zero Microsoft software on it. (Arch, btw)
wasn’t there some dumb shit like every linux distro using fedora keys which were from microsoft?
Microsoft signs Red Hat certs then Red Hat signs everyone’s certs, so the only thing Microsoft can do is to revoke Linux as a whole.
It’s the solution that requires minimal user effort since most computers are designed for Windows.
And MS probably won’t do it willy-nilly because their stack is peobably using it to some degree and many more of those Fortune-X00 are very likely something RHEL. So fucking that over will crash their stock like it did with CrowdStrike but much much worse.
not only likely… i read somewhere that make more money with linux stuff on azure than with anything else they do can’t find the source rn tho
I think it is just chain of trust. Many used Microslop as the trust authority (may be due to convenience? I have no idea). Debian has a nice page on Secure boot and how it works.
You can use custom keys with secure boot. Any PC newer than 2015 should give you that option.
You don’t have to use Microsoft’s keys.
This isn’t a secure boot issue. This is a bootloader issue.